Export limit exceeded: 348774 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0710 | 3 Mysql, Oracle, Redhat | 4 Mysql, Mysql, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. | ||||
| CVE-2002-0723 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag." | ||||
| CVE-2002-0724 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service". | ||||
| CVE-2005-0711 | 3 Mysql, Oracle, Redhat | 4 Mysql, Mysql, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-3260 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php. | ||||
| CVE-2002-0726 | 1 Microsoft | 1 Tsac Activex Control | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field. | ||||
| CVE-2002-0727 | 1 Microsoft | 2 Office Web Components, Project | 2026-04-16 | N/A |
| The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method. | ||||
| CVE-2002-0732 | 1 Levcgi.com | 1 Myguestbook | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as (1) user name or (2) comments. | ||||
| CVE-2002-0733 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message. | ||||
| CVE-2005-0712 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | ||||
| CVE-2002-0737 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. | ||||
| CVE-2002-0740 | 1 Slrn Development Team | 1 Slrn | 2026-04-16 | N/A |
| Buffer overflow in slrnpull for the SLRN package, when installed setuid or setgid, allows local users to gain privileges via a long -d (SPOOLDIR) argument. | ||||
| CVE-2002-0750 | 1 Cgiscript.net | 1 Csmailto | 2026-04-16 | N/A |
| CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field. | ||||
| CVE-2005-0721 | 1 Gamearena | 1 Experience2 | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in modules.php in eXPerience2 allows remote attackers to execute arbitrary PHP code by modifying the file parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2002-0755 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. | ||||
| CVE-2002-0757 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2026-04-16 | N/A |
| (1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary username/session ID combinations. | ||||
| CVE-2002-0759 | 1 Bzip | 1 Bzip2 | 2026-04-16 | N/A |
| bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive. | ||||
| CVE-2002-0760 | 1 Bzip | 1 Bzip2 | 2026-04-16 | N/A |
| Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed. | ||||
| CVE-2002-0801 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | ||||
| CVE-2002-0802 | 2 Postgresql, Redhat | 2 Postgresql, Database | 2026-04-16 | N/A |
| The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks. | ||||